package se.swedenconnect.opensaml.xmlsec.encryption.support;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.opensaml.core.config.ConfigurationService;
import org.opensaml.saml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.DecryptionConfiguration;
import org.opensaml.xmlsec.DecryptionParameters;
import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
import org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.SimpleKeyInfoReferenceEncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.SimpleRetrievalMethodEncryptedKeyResolver;
import org.opensaml.xmlsec.impl.BasicDecryptionConfiguration;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.ChainingKeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.CollectionKeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.LocalKeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider;
import se.swedenconnect.opensaml.xmlsec.keyinfo.provider.KeyAgreementMethodKeyInfoProvider;

/* loaded from: input_file:se/swedenconnect/opensaml/xmlsec/encryption/support/DecryptionUtils.class */
public class DecryptionUtils {
    public static DecryptionParameters createDecryptionParameters(Credential... credentialArr) {
        DecryptionParameters decryptionParameters = new DecryptionParameters();
        BasicDecryptionConfiguration basicDecryptionConfiguration = (DecryptionConfiguration) ConfigurationService.get(DecryptionConfiguration.class);
        if (basicDecryptionConfiguration == null) {
            basicDecryptionConfiguration = DefaultSecurityConfigurationBootstrap.buildDefaultDecryptionConfiguration();
        }
        decryptionParameters.setBlacklistedAlgorithms(basicDecryptionConfiguration.getBlacklistedAlgorithms());
        decryptionParameters.setWhitelistedAlgorithms(basicDecryptionConfiguration.getWhitelistedAlgorithms());
        decryptionParameters.setDataKeyInfoCredentialResolver(basicDecryptionConfiguration.getDataKeyInfoCredentialResolver());
        decryptionParameters.setEncryptedKeyResolver(new ChainingEncryptedKeyResolver(Arrays.asList(new InlineEncryptedKeyResolver(), new EncryptedElementTypeEncryptedKeyResolver(), new SimpleRetrievalMethodEncryptedKeyResolver(), new SimpleKeyInfoReferenceEncryptedKeyResolver())));
        decryptionParameters.setKEKKeyInfoCredentialResolver(createKeyInfoCredentialResolver(credentialArr));
        return decryptionParameters;
    }

    public static KeyInfoCredentialResolver createKeyInfoCredentialResolver(Credential... credentialArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new KeyAgreementMethodKeyInfoProvider());
        arrayList.add(new RSAKeyValueProvider());
        arrayList.add(new DSAKeyValueProvider());
        arrayList.add(new DEREncodedKeyValueProvider());
        arrayList.add(new InlineX509DataProvider());
        List asList = credentialArr != null ? Arrays.asList(credentialArr) : Collections.emptyList();
        return new ChainingKeyInfoCredentialResolver(Arrays.asList(new LocalKeyInfoCredentialResolver(arrayList, new CollectionKeyInfoCredentialResolver(asList)), new StaticKeyInfoCredentialResolver(asList)));
    }

    protected DecryptionUtils() {
    }
}
